Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 11:35:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

fixes #4966

Browse Source
This commit is contained in:
Julian Lam
2016-08-22 16:24:28 -04:00
parent de49de3c56
commit 60ea7d5121
4 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app.js
View File

@@ -103,6 +103,8 @@ function loadConfig() {
nconf.set('themes_path', path.resolve(__dirname, nconf.get('themes_path')));
nconf.set('core_templates_path', path.join(__dirname, 'src/views'));
nconf.set('base_templates_path', path.join(nconf.get('themes_path'), 'nodebb-theme-persona/templates'));
nconf.set('url_parsed', url.parse(nconf.get('url')));
}

4
public/src/ajaxify.js
View File

@@ -334,9 +334,7 @@ $(document).ready(function() {
return;
}
var internalLink = this.host === '' || // Relative paths are always internal links
(this.host === window.location.host && this.protocol === window.location.protocol && // Otherwise need to check if protocol and host match
(RELATIVE_PATH.length > 0 ? this.pathname.indexOf(RELATIVE_PATH) === 0 : true)); // Subfolder installs need this additional check
var internalLink = utils.isInternalURI(this, window.location, RELATIVE_PATH);
if ($(this).attr('data-ajaxify') === 'false') {
if (!internalLink) {

8
public/src/utils.js
View File

@@ -431,6 +431,14 @@
}
return utils.props(obj[prop], newProps, value);
},
isInternalURI: function(targetLocation, referenceLocation, relative_path) {
return targetLocation.host === '' || // Relative paths are always internal links
(
targetLocation.host === referenceLocation.host && targetLocation.protocol === referenceLocation.protocol && // Otherwise need to check if protocol and host match
(relative_path.length > 0 ? targetLocation.pathname.indexOf(relative_path) === 0 : true) // Subfolder installs need this additional check
);
}
};

11
src/controllers/authentication.js
View File

@@ -6,6 +6,7 @@ var passport = require('passport');
var nconf = require('nconf');
var validator = require('validator');
var _ = require('underscore');
var url = require('url');
var db = require('../database');
var meta = require('../meta');
@@ -168,7 +169,7 @@ authenticationController.registerComplete = function(req, res, next) {
} else {
res.redirect(nconf.get('relative_path') + '/');
}
}
};
async.parallel(callbacks, function(err) {
if (err) {
@@ -187,7 +188,7 @@ authenticationController.registerComplete = function(req, res, next) {
});
};
authenticationController.registerAbort = function(req, res, next) {
authenticationController.registerAbort = function(req, res) {
// End the session and redirect to home
req.session.destroy(function() {
res.redirect(nconf.get('relative_path') + '/');
@@ -197,7 +198,11 @@ authenticationController.registerAbort = function(req, res, next) {
authenticationController.login = function(req, res, next) {
// Handle returnTo data
if (req.body.hasOwnProperty('returnTo') && !req.session.returnTo) {
req.session.returnTo = req.body.returnTo;
// As req.body is data obtained via userland, it is untrusted, restrict to internal links only
var parsed = url.parse(req.body.returnTo);
var isInternal = utils.isInternalURI(url.parse(req.body.returnTo), nconf.get('url_parsed'), nconf.get('relative_path'));
req.session.returnTo = isInternal ? req.body.returnTo : nconf.get('url');
}
if (plugins.hasListeners('action:auth.overrideLogin')) {